Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-21503

Summary
Assigner-dell
Assigner Org ID-c550e75a-17ff-4988-97f0-544cde3820fe
Published At-08 Mar, 2021 | 21:44
Updated At-17 Sep, 2024 | 03:43
Rejected At-
Credits

PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:dell
Assigner Org ID:c550e75a-17ff-4988-97f0-544cde3820fe
Published At:08 Mar, 2021 | 21:44
Updated At:17 Sep, 2024 | 03:43
Rejected At:
▼CVE Numbering Authority (CNA)

PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation.

Affected Products
Vendor
Dell Inc.Dell
Product
PowerScale OneFS
Versions
Affected
  • From unspecified before 8.1.2, 8.2.2,9.1.0.x,EMPIRE (9.2.0), GOTHAM (custom)
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/000183717
x_refsource_MISC
Hyperlink: https://www.dell.com/support/kbdoc/000183717
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dell.com/support/kbdoc/000183717
x_refsource_MISC
x_transferred
Hyperlink: https://www.dell.com/support/kbdoc/000183717
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security_alert@emc.com
Published At:08 Mar, 2021 | 22:15
Updated At:12 Mar, 2021 | 19:28

PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Dell Inc.
dell
>>emc_powerscale_onefs>>8.1.2
cpe:2.3:o:dell:emc_powerscale_onefs:8.1.2:*:*:*:*:*:*:*
Dell Inc.
dell
>>emc_powerscale_onefs>>8.2.2
cpe:2.3:o:dell:emc_powerscale_onefs:8.2.2:*:*:*:*:*:*:*
Dell Inc.
dell
>>emc_powerscale_onefs>>9.1.0
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE-78Secondarysecurity_alert@emc.com
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-78
Type: Secondary
Source: security_alert@emc.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.dell.com/support/kbdoc/000183717security_alert@emc.com
Vendor Advisory
Hyperlink: https://www.dell.com/support/kbdoc/000183717
Source: security_alert@emc.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

512Records found
CVE-2024-37130
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.07% / 22.95%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 01:34
Updated-09 Jan, 2025 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise.

Action-Not Available
Vendor-Dell Inc.
Product-openmanage_server_administratorDell OpenManage Server Administratoropenmanage_server_administrator
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-37129
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.31%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 08:47
Updated-13 Aug, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A local authenticated malicious user could potentially exploit this vulnerability, leading to arbitrary code execution on the system.

Action-Not Available
Vendor-Dell Inc.
Product-inventory_collectorDell Inventory Collectorsupportassist_for_business_pcscommand_updatesupportassist_for_home_pcsupdatealienware_update
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-29085
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.4||MEDIUM
EPSS-0.10% / 28.94%
||
7 Day CHG~0.00%
Published-02 Jun, 2022 | 21:00
Updated-17 Sep, 2024 | 03:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentunityvsa_operating_environmentunity_xt_operating_environmentUnity
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-26863
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.3||MEDIUM
EPSS-0.04% / 9.46%
||
7 Day CHG~0.00%
Published-23 Jun, 2022 | 17:55
Updated-16 Sep, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_5515_firmwareinspiron_3180inspiron_3185_firmwareinspiron_3585inspiron_5415_all-in-one_firmwarevostro_3525_firmwareg5_se_5505inspiron_27_7775_firmwareinspiron_5575_firmwareinspiron_3275vostro_5415inspiron_7415_firmwareinspiron_5415inspiron_3785_firmwareinspiron_3525_firmwareinspiron_3195inspiron_14_5425inspiron_3515_firmwareinspiron_3180_firmwareinspiron_3475inspiron_5505alienware_m15_r5_firmwareinspiron_3505inspiron_3595vostro_5515g15_5515inspiron_3275_firmwareinspiron_7425_firmwarevostro_3405inspiron_5485vostro_5515_firmwareg15_5515_firmwarevostro_5625vostro_3515_firmwareinspiron_3185inspiron_7405_firmwareinspiron_5515inspiron_5415_firmwareinspiron_5405_firmwareinspiron_3505_firmwareinspiron_5585inspiron_7375_firmwareinspiron_3785inspiron_3515inspiron_7415inspiron_3525vostro_3405_firmwarevostro_3515inspiron_5575vostro_5625_firmwareinspiron_3195_firmwareinspiron_5415_all-in-oneinspiron_27_7775inspiron_5505_firmwareinspiron_7425alienware_m15_r5inspiron_3595_firmwareinspiron_7375inspiron_3585_firmwareinspiron_5485_firmwareg5_se_5505_firmwareinspiron_5585_firmwareinspiron_7405vostro_5415_firmwareinspiron_14_5425_firmwareinspiron_5405inspiron_3475_firmwarevostro_3525CPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-26860
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.02% / 3.60%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 20:15
Updated-17 Sep, 2024 | 04:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareoptiplex_7770_all-in-onexps_15_9510_firmwareinspiron_3470latitude_e7270inspiron_7300_firmwarelatitude_3520vostro_3468precision_3561_firmwareinspiron_7570vostro_3669xps_17_9710_firmwareg5_15_5587inspiron_5590_firmwareprecision_7560g7_17_7790_firmwarelatitude_5179latitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070latitude_9420inspiron_5490_firmwarelatitude_5590optiplex_5080inspiron_5502latitude_5511latitude_7390_2-in-1inspiron_7501precision_5530_2-in-1inspiron_7300_2-in-1precision_5550xps_17_9700inspiron_7580_firmwareprecision_7720vostro_5581_firmwarelatitude_5300vostro_3400latitude_3380_firmwareoptiplex_7760_aiog3_3500precision_5530_firmwareoptiplex_5040vostro_15_7580optiplex_5050latitude_7320latitude_3470inspiron_15_gaming_7577latitude_7300optiplex_7090optiplex_3050_aioprecision_3620_towervostro_5468g7_17_7700_firmwarexps_13_9360optiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_5490_aio_firmwareinspiron_7000latitude_3420latitude_3590_firmwarelatitude_7490_firmwarevostro_5491_firmwareprecision_5520latitude_5310_2-in-1_firmwareinspiron_7490_firmwareinspiron_5409latitude_7400latitude_5591optiplex_5270_all-in-one_firmwareinspiron_3471inspiron_3511_firmwarelatitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwarelatitude_5175_firmwareinspiron_7586optiplex_3040_firmwarelatitude_3400optiplex_5070latitude_3420_firmwareg5_5000inspiron_13_5378_firmwarexps_15_9575_2-in-1inspiron_5491_2-in-1_firmwarelatitude_7285_firmwareoptiplex_3090_firmwareoptiplex_3240_all-in-onexps_13_9370_firmwarevostro_3581_firmwareinspiron_7506_2-in-1_firmwarelatitude_7320_detachable_firmwarevostro_3581latitude_9410optiplex_7070latitude_3570optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwareinspiron_15_5578_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedoptiplex_7090_ultra_firmwarevostro_3268_firmwarevostro_3660inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletprecision_3450inspiron_5510latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarevostro_3568latitude_e5470_firmwarevostro_5591vostro_5090precision_5560latitude_3190vostro_5370latitude_7220ex_rugged_extreme_tablet_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_5521vostro_3478latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540inspiron_3910inspiron_7510_firmwareinspiron_3580_firmwarelatitude_7520inspiron_3781_firmwarevostro_5370_firmwarewyse_5070_firmwarevostro_3670_firmwareinspiron_15_gaming_7577_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520vostro_3660_firmwarewyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290vostro_5410latitude_7212_rugged_extreme_tablet_firmwareinspiron_5402precision_7540_firmwareinspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881vostro_5401edge_gateway_5000_firmwareinspiron_5593wyse_5470_firmwarelatitude_5420_firmwareprecision_3561inspiron_7580vostro_5390_firmwareinspiron_5770latitude_3580vostro_5300precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwarevostro_5301xps_15_9510inspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarealienware_m15_r6_firmwareoptiplex_5270_all-in-oneinspiron_5410_2-in-1optiplex_xe3vostro_3584precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwarelatitude_5491latitude_9520_firmwareprecision_5560_firmwarevostro_5468_firmwarevostro_3690_firmwareoptiplex_7040inspiron_7386latitude_5520_firmwareoptiplex_5090optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_7280latitude_5400latitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551vostro_5491precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwareinspiron_7610latitude_7275_2-in-1_firmwarevostro_5301_firmwareg7_17_7790vostro_5890embedded_box_pc_3000inspiron_5400_2-in-1latitude_7285inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7610_firmwareoptiplex_7770_all-in-one_firmwareinspiron_5400_2-in-1_firmwareinspiron_7391vostro_3671_firmwareprecision_3440vostro_5402optiplex_7090_ultrag5_5000_firmwareoptiplex_7470_all-in-oneoptiplex_7460_firmwareoptiplex_5250_firmwareinspiron_3576inspiron_3671_firmwareinspiron_7500_2-in-1_firmwareinspiron_5510_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwarevostro_15_7580_firmwarelatitude_7214inspiron_3781vostro_3690inspiron_3576_firmwareinspiron_5300_firmwareg7_7588_firmwarelatitude_3570_firmwareoptiplex_3050_firmwareoptiplex_7490_all-in-onevostro_7500inspiron_7590_firmwareinspiron_7791_firmwarevostro_3568_firmwareprecision_7740_firmwareinspiron_15_3567latitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareprecision_3530g7_7588latitude_5411_firmwarelatitude_3510_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultrainspiron_5370precision_7740xps_13_9365inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareoptiplex_7440_aioinspiron_15_5579_firmwareinspiron_7306_2-in-1xps_13_9310_firmwareinspiron_3790_firmwarelatitude_9510optiplex_3280_all-in-oneinspiron_5770_firmwareinspiron_7586_firmwareprecision_5760_firmwarelatitude_3180_firmwarevostro_3681_firmwarevostro_3580_firmwareinspiron_3581_firmwareinspiron_17_7773latitude_9510_firmwarevostro_5890_firmwareinspiron_3910_firmwareinspiron_5406_2-in-1optiplex_5490_aio_firmwareprecision_7760_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwareinspiron_3511vostro_3668xps_13_9305_firmwareinspiron_5410latitude_7280_firmwarevostro_5502vostro_3670edge_gateway_3000latitude_5280latitude_5179_firmwareoptiplex_7780_all-in-oneinspiron_5490inspiron_15_5578inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareprecision_3930_rackprecision_7550vostro_3490inspiron_5391g5_15_5590_firmwareinspiron_5598latitude_5320_firmwarexps_7590_firmwareoptiplex_3080latitude_3480precision_5750latitude_rugged_5430vostro_3671inspiron_7591latitude_7310inspiron_7790latitude_5421_firmwareinspiron_7500inspiron_7790_firmwareg15_5511latitude_3379precision_5760vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwarevostro_3478_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwarevostro_3400_firmwarevostro_5310_firmwareoptiplex_7060latitude_5290_firmwarelatitude_7424_rugged_extremeinspiron_13_5379_firmwareoptiplex_7480_all-in-one_firmwareg5_5090_firmwareoptiplex_3240_all-in-one_firmwarelatitude_7390vostro_3500g3_15_3590latitude_3390_firmwareprecision_3240_compactinspiron_14_3476precision_7750_firmwarelatitude_3520_firmwarelatitude_5285_2-in-1_firmwareinspiron_5490_aiovostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwareprecision_3510_firmwareinspiron_7400inspiron_7370_firmwareprecision_3650_tower_firmwarelatitude_7389_firmwareinspiron_7500_2-in-1optiplex_7470_all-in-one_firmwarevostro_3510latitude_e7470precision_3630_tower_firmwareoptiplex_5040_firmwarexps_13_9310_2-in-1inspiron_3581inspiron_13_7378vostro_5568inspiron_5400_firmwareinspiron_15_5566_firmwarelatitude_5424_ruggedlatitude_5488_firmwareinspiron_5583inspiron_7500_firmwareprecision_3541_firmwareinspiron_5591_2-in-1g5_5500g5_15_5587_firmwareinspiron_15_7572inspiron_7506_2-in-1vostro_5568_firmwareg7_7500precision_3650_towerinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwarevostro_3881_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550inspiron_3891_firmwarelatitude_7370_firmwarelatitude_7370optiplex_3090_ultra_firmwarelatitude_7420_firmwareoptiplex_5070_firmwareinspiron_5501vostro_5501_firmwarelatitude_3310_2-in-1inspiron_5390_firmwareoptiplex_3090_ultralatitude_5490vostro_3070_firmwareinspiron_7390_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_3891inspiron_7786vostro_5310xps_13_9305latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180inspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwarelatitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_7090_firmwareoptiplex_3070_firmwareg15_5511_firmwarelatitude_7410_firmwarevostro_3667latitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1vostro_3910inspiron_5491_aioinspiron_13_5378inspiron_3780inspiron_7380_firmwareg5_5500_firmwarelatitude_rugged_7330_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarelatitude_3400_firmwarevostro_3890latitude_3510precision_3560_firmwareinspiron_5584precision_3520inspiron_17_7773_firmwareinspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570vostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5501_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471xps_17_9700_firmwareinspiron_3480_firmwareoptiplex_5060_firmwarevostro_3590vostro_5390vostro_3578vostro_5590_firmwarelatitude_3470_firmwareprecision_7530_firmwareinspiron_3790vostro_3583_firmwareinspiron_15_5566latitude_3190_firmwareinspiron_5494xps_15_9500latitude_5500inspiron_15_5582inspiron_5508_firmwareprecision_7550_firmwarelatitude_3500_firmwarechengming_3991latitude_5288_firmwareinspiron_7501_firmwareinspiron_5480optiplex_7760_aio_firmwareg15_5510_firmwarevostro_7510_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwarevostro_7510inspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501precision_3450_firmwareinspiron_7472_firmwarechengming_3990inspiron_5301vostro_3583latitude_5491_firmwarevostro_5880_firmwarexps_17_9710inspiron_3493precision_5750_firmwarelatitude_7214_firmwarexps_13_9365_firmwareoptiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarelatitude_3410_firmwarelatitude_5520inspiron_7510vostro_5481wyse_5470_all-in-oneinspiron_7400_firmwareprecision_3530_firmwarelatitude_3320inspiron_5583_firmwarexps_13_9310_2-in-1_firmwarelatitude_5580_firmwarelatitude_3189inspiron_5410_2-in-1_firmwarexps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_7472latitude_5175inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarelatitude_3320_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080vostro_3578_firmwareg15_5510vostro_7500_firmwarelatitude_5480inspiron_5310vostro_5510_firmwarevostro_5471_firmwareinspiron_14_3476_firmwareoptiplex_3046vostro_3468_firmwarelatitude_5414_rugged_firmwarelatitude_5424_rugged_firmwarelatitude_rugged_7330inspiron_15_5582_firmwarelatitude_7300_firmwarelatitude_5421latitude_9420_firmwarelatitude_5510g7_17_7700inspiron_5401_aio_firmwarevostro_5300_firmwarewyse_5470optiplex_5090_firmwarevostro_3501_firmwareinspiron_3593_firmwareoptiplex_7780_all-in-one_firmwarevostro_3710_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarexps_27_7760inspiron_7786_firmwarelatitude_3310_2-in-1_firmwareinspiron_15_5579latitude_5320latitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_27_7760_firmwareoptiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411precision_7760optiplex_7450_firmwareinspiron_7306_2-in-1_firmwareoptiplex_7450vostro_3500_firmwareoptiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwarelatitude_7320_detachableinspiron_5509latitude_3480_firmwarelatitude_3189_firmwarelatitude_9520xps_13_9360_firmwarevostro_3590_firmwareinspiron_5406_2-in-1_firmwareinspiron_5498optiplex_7440_aio_firmwarelatitude_7420inspiron_7591_firmwarelatitude_5290inspiron_5300inspiron_7706_2-in-1inspiron_5508latitude_5289_firmwareprecision_5550_firmwarechengming_3980_firmwareinspiron_5491_2-in-1g7_7500_firmwarelatitude_3120_firmwarelatitude_5590_firmwareinspiron_15_7572_firmwareinspiron_5590vostro_5481_firmwarevostro_5490inspiron_5301_firmwarevostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5408_firmwareinspiron_5498_firmwareprecision_5540vostro_5490_firmwareinspiron_3480latitude_7520_firmwarelatitude_3490precision_3930_rack_firmwarevostro_3710inspiron_3670latitude_5420inspiron_7300inspiron_3793_firmwareinspiron_5402_firmwareinspiron_7390precision_3430_tower_firmwareprecision_7560_firmwarelatitude_3300_firmwarevostro_5471latitude_7400_2-in-1precision_3640_towervostro_5510inspiron_3490vostro_5581latitude_7210_2-in-1_firmwarelatitude_rugged_5430_firmwarexps_13_9310latitude_5510_firmwarevostro_3510_firmwareinspiron_3670_firmwarevostro_15_7570inspiron_5410_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwareinspiron_5408latitude_7220_rugged_extreme_tablet_firmwarevostro_5410_firmwarevostro_5502_firmwareprecision_3540_firmwareoptiplex_3046_firmwarelatitude_3380latitude_5289g3_3500_firmwareprecision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwarelatitude_3410precision_5510_firmwarevostro_5402_firmwareprecision_3420_towerg5_15_5590optiplex_7490_all-in-one_firmwareinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarelatitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarelatitude_3500vostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarealienware_m15_r6precision_5520_firmwarevostro_3890_firmwareoptiplex_5490_aiochengming_3988xps_15_7590latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareprecision_5540_firmwareinspiron_5401_firmwareinspiron_7573vostro_5501vostro_5590xps_8940_firmwarelatitude_7320_firmwarelatitude_3120vostro_3480precision_3560inspiron_5401_aiooptiplex_5260_all-in-one_firmwareinspiron_5509_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedoptiplex_3070inspiron_13_7378_firmwareoptiplex_3040vostro_3910_firmwarelatitude_7290_firmwareprecision_7530inspiron_5370_firmwareinspiron_5391_firmwareinspiron_5502_firmwareoptiplex_7460xps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareinspiron_5409_firmwareprecision_3510xps_13_9380_firmwareinspiron_13_5379inspiron_5390latitude_5288latitude_7490optiplex_7060_firmwareprecision_3240_compact_firmwarelatitude_5521_firmwareinspiron_5401optiplex_5250vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwarevostro_15_7570_firmwareCPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26856
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.69%
||
7 Day CHG~0.00%
Published-21 Apr, 2022 | 20:50
Updated-16 Sep, 2024 | 22:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application's database with privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-emc_repository_managerDell Repository Manager (DRM)
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-26862
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.3||MEDIUM
EPSS-0.04% / 9.46%
||
7 Day CHG~0.00%
Published-23 Jun, 2022 | 17:55
Updated-16 Sep, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_5515_firmwareinspiron_3180inspiron_3185_firmwareinspiron_3585inspiron_5415_all-in-one_firmwarevostro_3525_firmwareg5_se_5505inspiron_27_7775_firmwareinspiron_5575_firmwareinspiron_3275vostro_5415inspiron_7415_firmwareinspiron_5415inspiron_3785_firmwareinspiron_3525_firmwareinspiron_3195inspiron_14_5425inspiron_3515_firmwareinspiron_3180_firmwareinspiron_3475inspiron_5505alienware_m15_r5_firmwareinspiron_3505inspiron_3595vostro_5515g15_5515inspiron_3275_firmwareinspiron_7425_firmwarevostro_3405inspiron_5485vostro_5515_firmwareg15_5515_firmwarevostro_5625vostro_3515_firmwareinspiron_3185inspiron_7405_firmwareinspiron_5515inspiron_5415_firmwareinspiron_5405_firmwareinspiron_3505_firmwareinspiron_5585inspiron_7375_firmwareinspiron_3785inspiron_3515inspiron_7415inspiron_3525vostro_3405_firmwarevostro_3515inspiron_5575vostro_5625_firmwareinspiron_3195_firmwareinspiron_5415_all-in-oneinspiron_27_7775inspiron_5505_firmwareinspiron_7425alienware_m15_r5inspiron_3595_firmwareinspiron_7375inspiron_3585_firmwareinspiron_5485_firmwareg5_se_5505_firmwareinspiron_5585_firmwareinspiron_7405vostro_5415_firmwareinspiron_14_5425_firmwareinspiron_5405inspiron_3475_firmwarevostro_3525CPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-24411
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.49%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 17:50
Updated-17 Sep, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-378
Creation of Temporary File With Insecure Permissions
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2022-34462
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.78%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 06:51
Updated-20 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges.

Action-Not Available
Vendor-Dell Inc.
Product-policy_manager_for_secure_connect_gatewaySecure Connect Gateway (SCG) Policy Manager
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-24415
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.38%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 02:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24416
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.11% / 30.00%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-16 Sep, 2024 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-22550
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.82%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 17:50
Updated-17 Sep, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-549
Missing Password Field Masking
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2021-21561
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.06%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 20:00
Updated-16 Sep, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2022-23156
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.04% / 11.57%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 20:00
Updated-16 Sep, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server.

Action-Not Available
Vendor-Dell Inc.
Product-wyse_device_agentDell Wyse Device Agent
CWE ID-CWE-287
Improper Authentication
CVE-2021-21595
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.14% / 34.19%
||
7 Day CHG-0.05%
Published-16 Aug, 2021 | 22:00
Updated-17 Sep, 2024 | 00:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-21545
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.52%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 19:50
Updated-16 Sep, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user.

Action-Not Available
Vendor-Dell Inc.
Product-peripheral_managerDell Peripheral Manager
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-21535
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.4||HIGH
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-30 Apr, 2021 | 17:40
Updated-16 Sep, 2024 | 23:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the system.

Action-Not Available
Vendor-Dell Inc.
Product-hybrid_clientDell Hybrid Client (DHC)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-21601
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.04% / 10.13%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 19:05
Updated-17 Sep, 2024 | 03:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with the privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-emc_integrated_data_protection_applianceemc_data_protection_searchData Protection Search
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2022-33921
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.12% / 31.44%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.

Action-Not Available
Vendor-Dell Inc.
Product-geodriveGeoDrive
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-32857
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.03% / 7.74%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 08:37
Updated-08 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege

Action-Not Available
Vendor-Dell Inc.
Product-peripheral_managerDell Peripheral Managerperipheral_manager
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-33225
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.71%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 15:15
Updated-13 Feb, 2025 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the component RTKVHD64.sys of Realtek Semiconductor Corp Realtek(r) High Definition Audio Function Driver v6.0.9549.1 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

Action-Not Available
Vendor-n/aDell Inc.
Product-n/arealtek_high_definition_audio_driver
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-24569
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.58%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 12:57
Updated-24 Mar, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. A local authenticated malicious user could potentially send malicious input to a named pipe in order to elevate privileges on the system.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_command_centerAlienware Command Center (AWCC)
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33920
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.15%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell GeoDrive, versions prior to 2.2, contains an Unquoted File Path vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.

Action-Not Available
Vendor-Dell Inc.
Product-geodriveGeoDrive
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-31226
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.1||HIGH
EPSS-0.11% / 29.81%
||
7 Day CHG~0.00%
Published-12 Sep, 2022 | 18:35
Updated-16 Sep, 2024 | 23:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.

Action-Not Available
Vendor-Dell Inc.
Product-precision_3660_towerinspiron_16_plus_7620_firmwareinspiron_7420xps_17_9720_firmwareinspiron_5620optiplex_7400vostro_3910optiplex_7000vostro_7620_firmwareinspiron_7420_firmwareoptiplex_5000_firmwareprecision_3660_tower_firmwareoptiplex_7000_oemoptiplex_5000inspiron_7620_firmwarechengming_3900optiplex_3000inspiron_5420chengming_3900_firmwarexps_17_9720vostro_3910_firmwareprecision_5770inspiron_16_plus_7620inspiron_14_plus_7420vostro_3710_firmwarevostro_5320vostro_5620_firmwarevostro_7620optiplex_3000_thin_clientinspiron_5620_firmwareoptiplex_5400inspiron_5320_firmwarevostro_5620precision_5770_firmwareinspiron_14_plus_7420_firmwareoptiplex_5400_firmwareoptiplex_3000_thin_client_firmwareoptiplex_3000_firmwareoptiplex_7000_firmwareinspiron_5320inspiron_3910vostro_3710vostro_5320_firmwareoptiplex_7400_firmwareinspiron_3910_firmwareinspiron_5420_firmwareprecision_3460_small_form_factor_firmwareoptiplex_7000_oem_firmwareprecision_3460_small_form_factorinspiron_7620CPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26861
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.9||HIGH
EPSS-0.08% / 25.40%
||
7 Day CHG~0.00%
Published-06 Sep, 2022 | 20:15
Updated-16 Sep, 2024 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareoptiplex_7770_all-in-onexps_15_9510_firmwareinspiron_3470latitude_e7270inspiron_7300_firmwarelatitude_3520vostro_3468precision_3561_firmwareinspiron_7570vostro_3669xps_17_9710_firmwareg5_15_5587inspiron_5590_firmwareprecision_7560g7_17_7790_firmwarelatitude_5179latitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070latitude_9420inspiron_5490_firmwarelatitude_5590optiplex_5080inspiron_5502latitude_5511latitude_7390_2-in-1inspiron_7501precision_5530_2-in-1inspiron_7300_2-in-1precision_5550xps_17_9700inspiron_7580_firmwareprecision_7720vostro_5581_firmwarelatitude_5300vostro_3400latitude_3380_firmwareoptiplex_7760_aiog3_3500precision_5530_firmwareoptiplex_5040vostro_15_7580optiplex_5050latitude_7320latitude_3470inspiron_15_gaming_7577latitude_7300optiplex_7090optiplex_3050_aioprecision_3620_towervostro_5468g7_17_7700_firmwarexps_13_9360optiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_5490_aio_firmwareinspiron_7000latitude_3420latitude_3590_firmwarelatitude_7490_firmwarevostro_5491_firmwareprecision_5520latitude_5310_2-in-1_firmwareinspiron_7490_firmwareinspiron_5409latitude_7400latitude_5591optiplex_5270_all-in-one_firmwareinspiron_3471inspiron_3511_firmwarelatitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwarelatitude_5175_firmwareinspiron_7586optiplex_3040_firmwarelatitude_3400optiplex_5070latitude_3420_firmwareg5_5000inspiron_13_5378_firmwarexps_15_9575_2-in-1inspiron_5491_2-in-1_firmwarelatitude_7285_firmwareoptiplex_3090_firmwareoptiplex_3240_all-in-onexps_13_9370_firmwarevostro_3581_firmwareinspiron_7506_2-in-1_firmwarelatitude_7320_detachable_firmwarevostro_3581latitude_9410optiplex_7070latitude_3570optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwareinspiron_15_5578_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedoptiplex_7090_ultra_firmwarevostro_3268_firmwarevostro_3660inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletprecision_3450inspiron_5510latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarevostro_3568latitude_e5470_firmwarevostro_5591vostro_5090precision_5560latitude_3190vostro_5370latitude_7220ex_rugged_extreme_tablet_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_5521vostro_3478latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540inspiron_3910inspiron_7510_firmwareinspiron_3580_firmwarelatitude_7520inspiron_3781_firmwarevostro_5370_firmwarewyse_5070_firmwarevostro_3670_firmwareinspiron_15_gaming_7577_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520vostro_3660_firmwarewyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290vostro_5410latitude_7212_rugged_extreme_tablet_firmwareinspiron_5402precision_7540_firmwareinspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881vostro_5401edge_gateway_5000_firmwareinspiron_5593wyse_5470_firmwarelatitude_5420_firmwareprecision_3561inspiron_7580vostro_5390_firmwareinspiron_5770latitude_3580vostro_5300precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwarevostro_5301xps_15_9510inspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarealienware_m15_r6_firmwareoptiplex_5270_all-in-oneinspiron_5410_2-in-1optiplex_xe3vostro_3584precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwarelatitude_5491latitude_9520_firmwareprecision_5560_firmwarevostro_5468_firmwarevostro_3690_firmwareoptiplex_7040inspiron_7386latitude_5520_firmwareoptiplex_5090optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_7280latitude_5400latitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551vostro_5491precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwareinspiron_7610latitude_7275_2-in-1_firmwarevostro_5301_firmwareg7_17_7790vostro_5890embedded_box_pc_3000inspiron_5400_2-in-1latitude_7285inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7610_firmwareoptiplex_7770_all-in-one_firmwareinspiron_5400_2-in-1_firmwareinspiron_7391vostro_3671_firmwareprecision_3440vostro_5402optiplex_7090_ultrag5_5000_firmwareoptiplex_7470_all-in-oneoptiplex_7460_firmwareoptiplex_5250_firmwareinspiron_3576inspiron_3671_firmwareinspiron_7500_2-in-1_firmwareinspiron_5510_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwarevostro_15_7580_firmwarelatitude_7214inspiron_3781vostro_3690inspiron_3576_firmwareinspiron_5300_firmwareg7_7588_firmwarelatitude_3570_firmwareoptiplex_3050_firmwareoptiplex_7490_all-in-onevostro_7500inspiron_7590_firmwareinspiron_7791_firmwarevostro_3568_firmwareprecision_7740_firmwareinspiron_15_3567latitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareprecision_3530g7_7588latitude_5411_firmwarelatitude_3510_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultrainspiron_5370precision_7740xps_13_9365inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareoptiplex_7440_aioinspiron_15_5579_firmwareinspiron_7306_2-in-1xps_13_9310_firmwareinspiron_3790_firmwarelatitude_9510optiplex_3280_all-in-oneinspiron_5770_firmwareinspiron_7586_firmwareprecision_5760_firmwarelatitude_3180_firmwarevostro_3681_firmwarevostro_3580_firmwareinspiron_3581_firmwareinspiron_17_7773latitude_9510_firmwarevostro_5890_firmwareinspiron_3910_firmwareinspiron_5406_2-in-1optiplex_5490_aio_firmwareprecision_7760_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwareinspiron_3511vostro_3668xps_13_9305_firmwareinspiron_5410latitude_7280_firmwarevostro_5502vostro_3670edge_gateway_3000latitude_5280latitude_5179_firmwareoptiplex_7780_all-in-oneinspiron_5490inspiron_15_5578inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareprecision_3930_rackprecision_7550vostro_3490inspiron_5391g5_15_5590_firmwareinspiron_5598latitude_5320_firmwarexps_7590_firmwareoptiplex_3080latitude_3480precision_5750latitude_rugged_5430vostro_3671inspiron_7591latitude_7310inspiron_7790latitude_5421_firmwareinspiron_7500inspiron_7790_firmwareg15_5511latitude_3379precision_5760vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwarevostro_3478_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwarevostro_3400_firmwarevostro_5310_firmwareoptiplex_7060latitude_5290_firmwarelatitude_7424_rugged_extremeinspiron_13_5379_firmwareoptiplex_7480_all-in-one_firmwareg5_5090_firmwareoptiplex_3240_all-in-one_firmwarelatitude_7390vostro_3500g3_15_3590latitude_3390_firmwareprecision_3240_compactinspiron_14_3476precision_7750_firmwarelatitude_3520_firmwarelatitude_5285_2-in-1_firmwareinspiron_5490_aiovostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwareprecision_3510_firmwareinspiron_7400inspiron_7370_firmwareprecision_3650_tower_firmwarelatitude_7389_firmwareinspiron_7500_2-in-1optiplex_7470_all-in-one_firmwarevostro_3510latitude_e7470precision_3630_tower_firmwareoptiplex_5040_firmwarexps_13_9310_2-in-1inspiron_3581inspiron_13_7378vostro_5568inspiron_5400_firmwareinspiron_15_5566_firmwarelatitude_5424_ruggedlatitude_5488_firmwareinspiron_5583inspiron_7500_firmwareprecision_3541_firmwareinspiron_5591_2-in-1g5_5500g5_15_5587_firmwareinspiron_15_7572inspiron_7506_2-in-1vostro_5568_firmwareg7_7500precision_3650_towerinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwarevostro_3881_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550inspiron_3891_firmwarelatitude_7370_firmwarelatitude_7370optiplex_3090_ultra_firmwarelatitude_7420_firmwareoptiplex_5070_firmwareinspiron_5501vostro_5501_firmwarelatitude_3310_2-in-1inspiron_5390_firmwareoptiplex_3090_ultralatitude_5490vostro_3070_firmwareinspiron_7390_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_3891inspiron_7786vostro_5310xps_13_9305latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180inspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwarelatitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_7090_firmwareoptiplex_3070_firmwareg15_5511_firmwarelatitude_7410_firmwarevostro_3667latitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1vostro_3910inspiron_5491_aioinspiron_13_5378inspiron_3780inspiron_7380_firmwareg5_5500_firmwarelatitude_rugged_7330_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarelatitude_3400_firmwarevostro_3890latitude_3510precision_3560_firmwareinspiron_5584precision_3520inspiron_17_7773_firmwareinspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570vostro_5401_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5501_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471xps_17_9700_firmwareinspiron_3480_firmwareoptiplex_5060_firmwarevostro_3590vostro_5390vostro_3578vostro_5590_firmwarelatitude_3470_firmwareprecision_7530_firmwareinspiron_3790vostro_3583_firmwareinspiron_15_5566latitude_3190_firmwareinspiron_5494xps_15_9500latitude_5500inspiron_15_5582inspiron_5508_firmwareprecision_7550_firmwarelatitude_3500_firmwarechengming_3991latitude_5288_firmwareinspiron_7501_firmwareinspiron_5480optiplex_7760_aio_firmwareg15_5510_firmwarevostro_7510_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwarevostro_7510inspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501precision_3450_firmwareinspiron_7472_firmwarechengming_3990inspiron_5301vostro_3583latitude_5491_firmwarevostro_5880_firmwarexps_17_9710inspiron_3493precision_5750_firmwarelatitude_7214_firmwarexps_13_9365_firmwareoptiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarelatitude_3410_firmwarelatitude_5520inspiron_7510vostro_5481wyse_5470_all-in-oneinspiron_7400_firmwareprecision_3530_firmwarelatitude_3320inspiron_5583_firmwarexps_13_9310_2-in-1_firmwarelatitude_5580_firmwarelatitude_3189inspiron_5410_2-in-1_firmwarexps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_7472latitude_5175inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarelatitude_3320_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080vostro_3578_firmwareg15_5510vostro_7500_firmwarelatitude_5480inspiron_5310vostro_5510_firmwarevostro_5471_firmwareinspiron_14_3476_firmwareoptiplex_3046vostro_3468_firmwarelatitude_5414_rugged_firmwarelatitude_5424_rugged_firmwarelatitude_rugged_7330inspiron_15_5582_firmwarelatitude_7300_firmwarelatitude_5421latitude_9420_firmwarelatitude_5510g7_17_7700inspiron_5401_aio_firmwarevostro_5300_firmwarewyse_5470optiplex_5090_firmwarevostro_3501_firmwareinspiron_3593_firmwareoptiplex_7780_all-in-one_firmwarevostro_3710_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarexps_27_7760inspiron_7786_firmwarelatitude_3310_2-in-1_firmwareinspiron_15_5579latitude_5320latitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_27_7760_firmwareoptiplex_3280_all-in-one_firmwarexps_15_9500_firmwarelatitude_5411precision_7760optiplex_7450_firmwareinspiron_7306_2-in-1_firmwareoptiplex_7450vostro_3500_firmwareoptiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwarelatitude_7320_detachableinspiron_5509latitude_3480_firmwarelatitude_3189_firmwarelatitude_9520xps_13_9360_firmwarevostro_3590_firmwareinspiron_5406_2-in-1_firmwareinspiron_5498optiplex_7440_aio_firmwarelatitude_7420inspiron_7591_firmwarelatitude_5290inspiron_5300inspiron_7706_2-in-1inspiron_5508latitude_5289_firmwareprecision_5550_firmwarechengming_3980_firmwareinspiron_5491_2-in-1g7_7500_firmwarelatitude_3120_firmwarelatitude_5590_firmwareinspiron_15_7572_firmwareinspiron_5590vostro_5481_firmwarevostro_5490inspiron_5301_firmwarevostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5408_firmwareinspiron_5498_firmwareprecision_5540vostro_5490_firmwareinspiron_3480latitude_7520_firmwarelatitude_3490precision_3930_rack_firmwarevostro_3710inspiron_3670latitude_5420inspiron_7300inspiron_3793_firmwareinspiron_5402_firmwareinspiron_7390precision_3430_tower_firmwareprecision_7560_firmwarelatitude_3300_firmwarevostro_5471latitude_7400_2-in-1precision_3640_towervostro_5510inspiron_3490vostro_5581latitude_7210_2-in-1_firmwarelatitude_rugged_5430_firmwarexps_13_9310latitude_5510_firmwarevostro_3510_firmwareinspiron_3670_firmwarevostro_15_7570inspiron_5410_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwareinspiron_5408latitude_7220_rugged_extreme_tablet_firmwarevostro_5410_firmwarevostro_5502_firmwareprecision_3540_firmwareoptiplex_3046_firmwarelatitude_3380latitude_5289g3_3500_firmwareprecision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwarelatitude_3410precision_5510_firmwarevostro_5402_firmwareprecision_3420_towerg5_15_5590optiplex_7490_all-in-one_firmwareinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarelatitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarelatitude_3500vostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarealienware_m15_r6precision_5520_firmwarevostro_3890_firmwareoptiplex_5490_aiochengming_3988xps_15_7590latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareprecision_5540_firmwareinspiron_5401_firmwareinspiron_7573vostro_5501vostro_5590xps_8940_firmwarelatitude_7320_firmwarelatitude_3120vostro_3480precision_3560inspiron_5401_aiooptiplex_5260_all-in-one_firmwareinspiron_5509_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedoptiplex_3070inspiron_13_7378_firmwareoptiplex_3040vostro_3910_firmwarelatitude_7290_firmwareprecision_7530inspiron_5370_firmwareinspiron_5391_firmwareinspiron_5502_firmwareoptiplex_7460xps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareinspiron_5409_firmwareprecision_3510xps_13_9380_firmwareinspiron_13_5379inspiron_5390latitude_5288latitude_7490optiplex_7060_firmwareprecision_3240_compact_firmwarelatitude_5521_firmwareinspiron_5401optiplex_5250vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwarevostro_15_7570_firmwareCPG BIOS
CWE ID-CWE-1038
Insecure Automated Optimizations
CVE-2022-26864
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.3||MEDIUM
EPSS-0.04% / 9.46%
||
7 Day CHG~0.00%
Published-23 Jun, 2022 | 17:55
Updated-16 Sep, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_5515_firmwareinspiron_3180inspiron_3185_firmwareinspiron_3585inspiron_5415_all-in-one_firmwarevostro_3525_firmwareg5_se_5505inspiron_27_7775_firmwareinspiron_5575_firmwareinspiron_3275vostro_5415inspiron_7415_firmwareinspiron_5415inspiron_3785_firmwareinspiron_3525_firmwareinspiron_3195inspiron_14_5425inspiron_3515_firmwareinspiron_3180_firmwareinspiron_3475inspiron_5505alienware_m15_r5_firmwareinspiron_3505inspiron_3595vostro_5515g15_5515inspiron_3275_firmwareinspiron_7425_firmwarevostro_3405inspiron_5485vostro_5515_firmwareg15_5515_firmwarevostro_5625vostro_3515_firmwareinspiron_3185inspiron_7405_firmwareinspiron_5515inspiron_5415_firmwareinspiron_5405_firmwareinspiron_3505_firmwareinspiron_5585inspiron_7375_firmwareinspiron_3785inspiron_3515inspiron_7415inspiron_3525vostro_3405_firmwarevostro_3515inspiron_5575vostro_5625_firmwareinspiron_3195_firmwareinspiron_5415_all-in-oneinspiron_27_7775inspiron_5505_firmwareinspiron_7425alienware_m15_r5inspiron_3595_firmwareinspiron_7375inspiron_3585_firmwareinspiron_5485_firmwareg5_se_5505_firmwareinspiron_5585_firmwareinspiron_7405vostro_5415_firmwareinspiron_14_5425_firmwareinspiron_5405inspiron_3475_firmwarevostro_3525CPG BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2024-28976
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.04% / 12.38%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 08:01
Updated-21 Jan, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access to the files stored on the server filesystem with the privileges of the running web application.

Action-Not Available
Vendor-Dell Inc.
Product-repository_managerDell Repository Manager (DRM) repository_manager
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-5385
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.32%
||
7 Day CHG~0.00%
Published-18 Aug, 2020 | 20:40
Updated-17 Sep, 2024 | 02:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.

Action-Not Available
Vendor-Dell Inc.
Product-encryptionendpoint_security_suite_enterpriseDell Encryption Enterprise
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-24426
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.66%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 20:00
Updated-16 Sep, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_updatecommand_updateupdateDell Command Update (DCU)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-24421
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.38%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 03:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-25958
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-26 Mar, 2024 | 15:18
Updated-28 Jan, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to privilege escalation, unauthorized access to application data, unauthorized modification of application data and service disruption.

Action-Not Available
Vendor-Dell Inc.
Product-grabGrab for Windowsgrab_for_windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-44290
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.04% / 11.09%
||
7 Day CHG~0.00%
Published-23 Nov, 2023 | 06:46
Updated-02 Aug, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-command\|monitorDell Command Monitor (DCM)
CWE ID-CWE-284
Improper Access Control
CVE-2022-24420
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.38%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-17 Sep, 2024 | 00:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-25960
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.04% / 10.88%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 18:13
Updated-09 Jan, 2025 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFSpowerscale_onefs
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2022-24419
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.38%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 21:45
Updated-16 Sep, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.

Action-Not Available
Vendor-Dell Inc.
Product-alienware_m15_r4_firmwarealienware_m17_r4_firmwarealienware_x17_r1alienware_15_r3inspiron_3465latitude_3379_firmwareedge_gateway_3000alienware_m17_r3inspiron_15_5566vostro_3669edge_gateway_5100_firmwarewyse_7040_thin_client_firmwarevostro_3268_firmwareinspiron_3482_firmwarevostro_3660alienware_aurora_r8alienware_x15_r1_firmwarealienware_x15_r1embedded_box_pc_3000inspiron_3277wyse_7040_thin_clientvostro_14_5468_firmwarealienware_15_r3_firmwarealienware_15_r4vostro_3572_firmwareinspiron_3482alienware_m17_r4alienware_area_51m_r1_firmwarealienware_m17_r2inspiron_3510_firmwarealienware_area_51m_r2alienware_x17_r1_firmwarealienware_aurora_r8_firmwarexps_8930vostro_3572vostro_3669_firmwarealienware_m15_r3_firmwarealienware_13_r3_firmwareinspiron_3782_firmwarealienware_m17_r3_firmwareedge_gateway_5000vostro_14_5468alienware_m15_r4vostro_3668_firmwareinspiron_3565_firmwareinspiron_3477alienware_13_r3vostro_3667inspiron_3510latitude_3379edge_gateway_3000_firmwareinspiron_3277_firmwarevostro_3660_firmwarevostro_15_5568_firmwarevostro_15_5568alienware_17_r5alienware_m15_r2_firmwareinspiron_15_3573_firmwarealienware_area_51m_r1inspiron_3782inspiron_3582alienware_17_r4_firmwarealienware_m15_r2inspiron_3565edge_gateway_5000_firmwarevostro_3582_firmwareinspiron_3582_firmwarealienware_m17_r2_firmwareinspiron_3465_firmwareinspiron_3502_firmwarevostro_3267edge_gateway_5100xps_8930_firmwareinspiron_3477_firmwarealienware_17_r4inspiron_15_3573inspiron_14_3473vostro_3268embedded_box_pc_5000_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwarealienware_m15_r3inspiron_3502vostro_3267_firmwareinspiron_14_3473_firmwarealienware_15_r4_firmwarevostro_3582vostro_3667_firmwareinspiron_15_5566_firmwarealienware_area_51m_r2_firmwarealienware_17_r5_firmwarevostro_3668CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-22449
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-6.6||MEDIUM
EPSS-0.03% / 7.20%
||
7 Day CHG~0.00%
Published-01 Feb, 2024 | 09:48
Updated-17 Jun, 2025 | 14:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefs PowerScale OneFS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-22452
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.10% / 28.66%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 13:08
Updated-31 Jan, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-display_and_peripheral_managerDell Display and Peripheral Manager display_manager
CWE ID-CWE-264
Not Available
CVE-2024-22428
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.05% / 13.26%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 04:02
Updated-13 Nov, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-29500
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 6.61%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-17 Sep, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstoreemc_powerstore_firmwarePowerStore
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-29502
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.03% / 6.61%
||
7 Day CHG~0.00%
Published-05 Jan, 2021 | 21:40
Updated-17 Sep, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerstoreemc_powerstore_firmwarePowerStore
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-53289
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.77%
||
7 Day CHG~0.00%
Published-11 Dec, 2024 | 07:40
Updated-04 Feb, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Action-Not Available
Vendor-Dell Inc.
Product-thinosWyse Proprietary OS (Modern ThinOS)
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2023-24575
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.90%
||
7 Day CHG~0.00%
Published-21 Feb, 2023 | 04:03
Updated-12 Mar, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system

Action-Not Available
Vendor-Dell Inc.
Product-multifunction_printer_e525w_driver_and_software_suiteDell Multifunction Printer E525w Driver and Software Suite
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-26194
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.05% / 14.77%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 21:25
Updated-17 Sep, 2024 | 02:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to exploit the vulnerability, leading to compromised cryptographic operations. Note: no non-admin users or roles have these privileges by default.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-0172
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.9||HIGH
EPSS-0.05% / 13.26%
||
7 Day CHG~0.00%
Published-03 Apr, 2024 | 09:09
Updated-04 Feb, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-poweredge_c6520_firmwarepoweredge_r660xs_firmwarepoweredge_t340_firmwarepoweredge_r6615_firmwareemc_xc_core_xc7525poweredge_r940xapoweredge_xr11emc_xc_core_xc750_firmwarepoweredge_r740xd2_firmwarepoweredge_xe2420poweredge_mx840cpoweredge_xe8640_firmwarepoweredge_mx740c_firmwarepoweredge_r860poweredge_r740xd_firmwarepoweredge_xe2420_firmwarepoweredge_r340emc_xc_core_xc940_system_firmwareemc_xc_core_xc750xa_firmwarepoweredge_r6515_firmwareemc_xc_core_xc750poweredge_xe7440nx440poweredge_xr12_firmwarepoweredge_t560poweredge_xe8545poweredge_r840emc_xc_core_xcxr2poweredge_r760xd2poweredge_r760xsemc_storage_nx3340_firmwarepoweredge_r6415poweredge_xr8610tpoweredge_r350_firmwareemc_xc_core_6420_systempoweredge_r7425_firmwarepoweredge_r840_firmwarepoweredge_r7625_firmwarepoweredge_r740xdpoweredge_xr2_firmwareemc_xc_core_xc450emc_xc_core_xc740xd_system_firmwaredss_8440poweredge_xr7620_firmwarepoweredge_c6525_firmwareemc_xc_core_xc640_systempoweredge_r640poweredge_r6525emc_xc_core_xc6520_firmwarepoweredge_t340poweredge_mx750c_firmwarepoweredge_r750xa_firmwarepoweredge_xr7620poweredge_xe9640_firmwarepoweredge_mx840c_firmwarepoweredge_r650nx440_firmwarepoweredge_r660_firmwareemc_xc_core_xcxr2_firmwarepoweredge_t350_firmwarepoweredge_hs5610_firmwarepoweredge_xr4520c_firmwarepoweredge_t640poweredge_r7625poweredge_r750_firmwarepoweredge_c4140_firmwarepoweredge_mx760cpoweredge_r240_firmwarepoweredge_mx760c_firmwarepoweredge_xr5610poweredge_r6625poweredge_r450dss_8440_firmwarepoweredge_t550_firmwarepoweredge_r7415_firmwarepoweredge_m640_firmwarepoweredge_xr4520cpoweredge_r7515_firmwarepoweredge_mx740cpoweredge_c4140poweredge_xr11_firmwarepoweredge_t140_firmwarepoweredge_r6415_firmwarepoweredge_t560_firmwarepoweredge_r760xd2_firmwarepoweredge_xr2poweredge_r6525_firmwarepoweredge_r960poweredge_r340_firmwarepoweredge_hs5610emc_xc_core_xc740xd_systempoweredge_t640_firmwareemc_xc_core_xc640_system_firmwarepoweredge_mx750cpoweredge_c6520poweredge_r440poweredge_r440_firmwarepoweredge_r350emc_xc_core_xc740xd2poweredge_r740poweredge_xe9680emc_storage_nx3340poweredge_xr8610t_firmwarepoweredge_t550poweredge_c6525poweredge_xe8545_firmwarepoweredge_r240poweredge_xr5610_firmwarepoweredge_r7415poweredge_r740_firmwarepoweredge_r760xapoweredge_r860_firmwarepoweredge_r6625_firmwarepoweredge_t150_firmwarepoweredge_r250poweredge_c6420_firmwarepoweredge_m640poweredge_c6420emc_xc_core_xc750xapoweredge_r760poweredge_xr12poweredge_r7615_firmwarepoweredge_xr8620temc_xc_core_xc450_firmwarepoweredge_xr8620t_firmwarepoweredge_r760xs_firmwarepoweredge_r6515emc_xc_core_xc650_firmwareemc_storage_nx3240poweredge_t150poweredge_r650_firmwarepoweredge_xe9680_firmwarepoweredge_t440emc_xc_core_6420_system_firmwareemc_xc_core_xc650poweredge_r7515emc_xc_core_xc7525_firmwarepoweredge_r660xspoweredge_xe7420_firmwarepoweredge_r550_firmwarepoweredge_c6620_firmwarepoweredge_m640_\(pe_vrtx\)_firmwarepoweredge_xe8640poweredge_xe7440_firmwarepoweredge_r960_firmwarepoweredge_xe9640poweredge_r650xspoweredge_r940xa_firmwarepoweredge_r750xapoweredge_t350poweredge_fc640_firmwarepoweredge_r7425poweredge_r760_firmwarepoweredge_r250_firmwarepoweredge_c6620poweredge_r7525_firmwarepoweredge_fc640poweredge_xr4510c_firmwarepoweredge_r740xd2emc_xc_core_xc6520poweredge_r640_firmwarepoweredge_r660poweredge_r450_firmwarepoweredge_r7615poweredge_r940poweredge_t440_firmwarepoweredge_r750xspoweredge_xr4510cpoweredge_r7525poweredge_r760xa_firmwarepoweredge_xe7420poweredge_r750xs_firmwareemc_xc_core_xc940_systempoweredge_r750poweredge_m640_\(pe_vrtx\)poweredge_r650xs_firmwarepoweredge_t140poweredge_hs5620_firmwarepoweredge_r540poweredge_r540_firmwarepoweredge_r940_firmwareemc_storage_nx3240_firmwareemc_xc_core_xc740xd2_firmwarepoweredge_r6615poweredge_r550poweredge_hs5620PowerEdge Platformpoweredge_t140_firmwarepoweredge_r7615_firmwarepoweredge_t560_firmwarepoweredge_r6515_firmwarepoweredge_hs5610_firmwarepoweredge_xr4510c_firmwarepoweredge_r7515_firmwarepoweredge_xr8620t_firmwareemc_xc_core_xc450_firmwarepoweredge_r760xa_firmwarepoweredge_mx750c_firmwarepoweredge_r650_firmwareemc_xc_core_xc650_firmwarepoweredge_xe7440_firmwarepoweredge_c6520_firmwareemc_storage_nx3340_firmwarepoweredge_r550_firmwareemc_xc_core_xc750_firmwarepoweredge_r840_firmwarepoweredge_t150_firmwarepoweredge_r760xd2_firmwarepoweredge_c4140_firmwarepoweredge_r250_firmwarepoweredge_r760_firmwarepoweredge_mx840c_firmwarepoweredge_r350_firmwarepoweredge_r750_firmwarepoweredge_r660_firmwarepoweredge_c6525_firmwarepoweredge_r6625_firmwarepoweredge_r6415_firmwarepoweredge_fc640_firmwarepoweredge_xe7420_firmwarepoweredge_t640_firmwarepoweredge_c6420_firmwarepoweredge_r7415_firmwarepoweredge_t550_firmwarepoweredge_xr7620_firmwarepoweredge_r240_firmwarepoweredge_xe2420_firmwarepoweredge_r940_firmwarepoweredge_xr11_firmwarepoweredge_r650xs_firmwarepoweredge_r740xd_firmwarepoweredge_xr12_firmwarepoweredge_r7625_firmwarepoweredge_xe9640_firmwarepoweredge_r440_firmwarepoweredge_mx740c_firmwarepoweredge_xe9680_firmwarepoweredge_xr5610_firmwarepoweredge_r640_firmwarepoweredge_xr4520c_firmwarepoweredge_r940xa_firmwarepoweredge_r7525_firmwarepoweredge_c6620_firmwarepoweredge_mx760c_firmwarepoweredge_xe8545_firmwarepoweredge_r6615_firmwareemc_storage_nx3240_firmwarepoweredge_m640_firmwarepoweredge_r540_firmwarepoweredge_r740_firmwarepoweredge_r660xs_firmwarepoweredge_t340_firmwarepoweredge_r760xs_firmwarepoweredge_r740xd2_firmwarepoweredge_r340_firmwarepoweredge_xr2_firmwarepoweredge_r6525_firmwarepoweredge_r450_firmwarepoweredge_xe8640_firmwarepoweredge_r750xa_firmwarepoweredge_r960_firmwarepoweredge_r7425_firmwarepoweredge_r750xs_firmwarepoweredge_t440_firmwarepoweredge_t350_firmwarepoweredge_r860_firmwarepoweredge_hs5620_firmware
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-0155
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 13:00
Updated-08 Jan, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code.

Action-Not Available
Vendor-Dell Inc.
Product-digital_deliveryDell Digital Delivery (D3)digital_delivery
CWE ID-CWE-416
Use After Free
CVE-2020-26192
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.77%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 21:25
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no non-admin users or roles have these privileges by default.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-26191
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.77%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 21:25
Updated-16 Sep, 2024 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the PermissionRepair job to grant themselves the highest level of RBAC privileges thus being able to read arbitrary data, tamper with system software or deny service to users.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-0156
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.08% / 24.54%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 12:54
Updated-08 Jan, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-digital_deliveryDell Digital Delivery (D3)dell_digital_delivery
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-23696
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.08% / 24.10%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 09:49
Updated-25 Mar, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system.

Action-Not Available
Vendor-Dell Inc.
Product-command_\|_intel_vpro_out_of_bandDell Command Intel vPro Out of Band (DCIV)
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-48670
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.3||HIGH
EPSS-0.04% / 10.80%
||
7 Day CHG~0.00%
Published-22 Dec, 2023 | 15:57
Updated-02 Aug, 2024 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_home_pcsSupportAssist Client Consumer
CWE ID-CWE-426
Untrusted Search Path
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 10
  • 11
  • Next
Details not found